class LoginController < ApplicationController
  
  #sets the user_id [in session] to nil   ---> logout
  def logout
    session[:user_id] = nil
    flash[:notice] = "Logged out"
    redirect_to "/start_page"
  end

  #retrieves an user from the parameters username and password and sets the session[:user_id]
  def authenticate
    if params[:commit] then
    @error = ""
    @user = User.find(:first, :conditions => "username = '#{params[:username]}' AND password = '#{params[:password]}'")
      if(!@user.nil?) then
        session[:user_id] = @user.id
        redirect_to "/start_page"
      else
       #@error = "Login incorrect. Retry"
       flash[:warning] = "Login incorrect. Retry"
       redirect_to "/start_page"
      end
    end
  end
  
  #displays the login box through a render
  def showloginbox    
    render :partial=>"login"
  end

end